WRITEUP #1673

Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)

OtherAndroidInsecure intentInsecure deeplinkURL validation bypass

by@Yogehi(Ken Gannon)

Program

Samsung

Published

Jan 20, 2023

Added to HackDex

Jan 23, 2023

Read Full Writeuphttps://research.nccgroup.com/2023/01/20/technical-advisory-multiple-vulnerabilities-in-the-galaxy-app-store-cve-2023-21433-cve-2023-21434/

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

OtherSSTI

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Part 2: From Byovdll To Arbitrary Code Execution In Lsass

OtherUse-After-Free

Built with ❤️ by Shubham Rawat